Total
2446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10502 | 1 Qualcomm | 16 Mdm9206, Mdm9206 Firmware, Mdm9607 and 13 more | 2019-01-03 | 10.0 HIGH | 9.8 CRITICAL |
| While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660. | |||||
| CVE-2018-5816 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-03 | 7.1 HIGH | 6.5 MEDIUM |
| An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804). | |||||
| CVE-2018-5815 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2019-01-03 | 7.1 HIGH | 6.5 MEDIUM |
| An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. | |||||
| CVE-2018-17158 | 1 Freebsd | 1 Freebsd | 2018-12-31 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request. | |||||
| CVE-2018-18206 | 1 Bytom | 1 Bytom | 2018-12-28 | 5.0 MEDIUM | 7.5 HIGH |
| In the client in Bytom before 1.0.6, checkTopicRegister in p2p/discover/net.go does not prevent negative idx values, leading to a crash. | |||||
| CVE-2018-11260 | 1 Google | 1 Android | 2018-12-21 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zero. | |||||
| CVE-2018-6983 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2018-12-19 | 7.2 HIGH | 8.8 HIGH |
| VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host. | |||||
| CVE-2017-18172 | 1 Qualcomm | 48 Mdm9635m, Mdm9635m Firmware, Sd 400 and 45 more | 2018-12-13 | 7.2 HIGH | 7.8 HIGH |
| In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. | |||||
| CVE-2018-11865 | 1 Qualcomm | 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more | 2018-12-07 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2018-11866 | 1 Qualcomm | 50 Ipq8074, Ipq8074 Firmware, Mdm9206 and 47 more | 2018-12-07 | 7.2 HIGH | 7.8 HIGH |
| Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2018-18650 | 1 Xpdfreader | 1 Xpdf | 2018-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of memory. | |||||
| CVE-2018-12361 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2018-12-06 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61. | |||||
| CVE-2018-12362 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2018-12-03 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. | |||||
| CVE-2018-17897 | 1 Lcds | 1 Laquis Scada | 2018-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, which may allow remote code execution. | |||||
| CVE-2018-17569 | 1 Viabtc | 1 Viabtc Exchange Server | 2018-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. | |||||
| CVE-2018-17570 | 1 Viabtc | 1 Viabtc Exchange Server | 2018-11-26 | 7.5 HIGH | 9.8 CRITICAL |
| utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. | |||||
| CVE-2018-17568 | 1 Viabtc | 1 Viabtc Exchange Server | 2018-11-20 | 7.5 HIGH | 9.8 CRITICAL |
| utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. | |||||
| CVE-2017-8816 | 2 Debian, Haxx | 3 Debian Linux, Curl, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields. | |||||
| CVE-2017-15818 | 1 Google | 1 Android | 2018-11-12 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size. | |||||
| CVE-2018-12511 | 1 Substratum | 1 Substratum | 2018-11-09 | 5.0 MEDIUM | 7.5 HIGH |
| In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily. | |||||